Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/CD707A4442CD11ECB3FBF713C4F9AE02.roa
File: CD707A4442CD11ECB3FBF713C4F9AE02.roa (raw, json)
Hash identifier: fl83E8aeDIoXVqcaT109p3v64SIPG4pxMUViVjA+x9g=
Subject key identifier: 74:50:7F:45:DB:0C:A8:F4:E5:BD:12:84:73:54:04:9B:F1:AD:6A:19
Certificate issuer: /CN=A91B6F47/serialNumber=538B076E0AADD8FAE2970C9543E849A90FE73752
Certificate serial: 3351
Authority key identifier: 53:8B:07:6E:0A:AD:D8:FA:E2:97:0C:95:43:E8:49:A9:0F:E7:37:52
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/CD707A4442CD11ECB3FBF713C4F9AE02.roa
Signing time: Fri 14 Oct 2022 14:40:33 +0000
ROA not before: Fri 14 Oct 2022 14:40:33 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 9416
IP address blocks: 58.114.0.0/15 maxlen: 24
61.70.0.0/15 maxlen: 15
61.70.0.0/16 maxlen: 24
61.71.0.0/16 maxlen: 24
111.184.0.0/15 maxlen: 24
182.233.0.0/16 maxlen: 24
182.234.0.0/15 maxlen: 15
182.234.0.0/16 maxlen: 24
182.235.0.0/16 maxlen: 24
202.2.52.0/22 maxlen: 24
203.133.0.0/17 maxlen: 17
203.133.0.0/18 maxlen: 18
203.133.2.0/24 maxlen: 24
203.133.9.0/24 maxlen: 24
203.133.16.0/24 maxlen: 24
203.133.17.0/24 maxlen: 24
203.133.25.0/24 maxlen: 24
203.133.28.0/24 maxlen: 24
203.133.35.0/24 maxlen: 24
203.133.50.0/24 maxlen: 24
203.133.64.0/18 maxlen: 24
203.187.0.0/17 maxlen: 24
203.203.0.0/16 maxlen: 24
203.204.0.0/16 maxlen: 24
219.68.0.0/14 maxlen: 14
219.68.0.0/16 maxlen: 24
219.69.0.0/17 maxlen: 24
219.70.0.0/15 maxlen: 15
219.70.0.0/16 maxlen: 24
219.71.0.0/16 maxlen: 24
2001:d58::/32 maxlen: 56
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13137 (0x3351)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B6F47/serialNumber=538B076E0AADD8FAE2970C9543E849A90FE73752
Validity
Not Before: Oct 14 14:40:33 2022 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=634974e1-dead
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:39:45:6b:01:02:3b:29:9c:d9:a0:e0:f6:a5:
3c:03:fc:90:60:4d:9d:7d:c2:e6:74:ed:32:36:52:
05:a0:dc:67:fb:79:42:d0:49:2a:30:d9:32:4b:a7:
88:84:2b:d3:4c:e4:bd:5e:92:ae:09:45:3f:7e:a1:
2d:45:85:3d:4d:53:58:79:37:72:d0:cb:fb:cb:02:
ee:10:32:4b:3b:e8:c0:c8:e5:c6:32:39:33:98:7b:
a7:e5:6c:a7:e6:47:f3:d4:31:c0:45:01:e1:c1:3a:
14:5a:68:fd:aa:b2:ff:a7:a3:a6:fb:c5:0f:68:66:
c5:90:2b:e7:f4:07:02:d3:f1:33:27:d7:e3:73:00:
8c:55:5d:7e:31:33:d4:07:af:f0:0e:9b:8b:d7:05:
e5:5d:34:ca:f5:cc:96:d9:0a:60:b5:86:8a:1c:15:
0f:09:44:8c:bc:f6:e2:ca:f4:d1:e2:51:50:d1:69:
1c:35:5e:31:2e:ad:d9:cd:4e:30:19:85:ef:b0:81:
82:29:0b:04:9a:19:be:30:6b:12:89:dd:63:88:c0:
a0:79:be:1a:2a:2a:6a:c2:74:25:ca:83:3e:42:f9:
8a:f5:a8:e7:79:61:98:7a:bf:cd:28:3b:30:d5:81:
bf:9d:54:62:50:e6:46:d7:07:09:4f:9d:0f:77:d6:
35:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:50:7F:45:DB:0C:A8:F4:E5:BD:12:84:73:54:04:9B:F1:AD:6A:19
X509v3 Authority Key Identifier:
keyid:53:8B:07:6E:0A:AD:D8:FA:E2:97:0C:95:43:E8:49:A9:0F:E7:37:52
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/CD707A4442CD11ECB3FBF713C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
58.114.0.0/15
61.70.0.0/15
111.184.0.0/15
182.233.0.0-182.235.255.255
202.2.52.0/22
203.133.0.0/17
203.187.0.0/17
203.203.0.0-203.204.255.255
219.68.0.0/14
IPv6:
2001:d58::/32
Signature Algorithm: sha256WithRSAEncryption
6d:dc:26:bb:20:83:d8:44:f3:0d:3b:ba:67:5f:7a:c4:60:17:
8e:ec:bd:76:f3:ad:2e:19:23:69:5f:a1:77:f2:49:43:eb:c9:
c1:ee:e4:51:bd:cd:e7:ad:ce:85:62:60:d1:1b:e3:63:e6:b8:
99:56:20:2a:9c:24:69:0d:b5:bc:cf:9b:d3:5a:4b:f8:96:03:
72:c0:f4:39:b0:d4:8e:af:6d:7b:65:65:24:7c:df:c8:d4:7b:
d3:04:9e:94:8e:e0:a9:af:ec:2b:98:f1:09:f3:99:4b:33:44:
00:1b:47:92:0b:79:83:32:43:5b:e7:f7:29:10:00:b1:a4:33:
d1:c6:63:8a:57:52:38:f6:84:ff:e6:07:6f:9e:c1:c7:2e:fa:
c9:f2:12:bf:de:32:e9:ae:73:19:0a:22:c4:54:89:e4:6e:9d:
0c:03:bd:26:ed:cd:b8:db:36:5a:e5:36:d0:84:84:bd:c2:6b:
27:f4:f3:1f:a8:05:69:1b:61:af:4c:a3:5f:5d:9e:b5:87:57:
62:f5:16:42:46:c4:f4:0f:04:07:5c:79:8c:cc:03:3f:6f:cc:
40:73:83:52:4a:75:9c:3d:54:ca:60:10:e8:8c:0d:3c:a5:52:
58:29:a7:86:dc:77:fc:d1:bf:ff:94:4c:52:50:30:61:80:e8:
fe:bf:d9:92
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgICM1EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjZGNDcxMTAvBgNVBAUTKDUzOEIwNzZFMEFBREQ4RkFFMjk3MEM5NTQzRTg0OUE5
MEZFNzM3NTIwHhcNMjIxMDE0MTQ0MDMzWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzQ5NzRlMS1kZWFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyzlFawECOymc2aDg9qU8A/yQYE2dfcLmdO0yNlIFoNxn+3lC0EkqMNkyS6eI
hCvTTOS9XpKuCUU/fqEtRYU9TVNYeTdy0Mv7ywLuEDJLO+jAyOXGMjkzmHun5Wyn
5kfz1DHARQHhwToUWmj9qrL/p6Om+8UPaGbFkCvn9AcC0/EzJ9fjcwCMVV1+MTPU
B6/wDpuL1wXlXTTK9cyW2QpgtYaKHBUPCUSMvPbiyvTR4lFQ0WkcNV4xLq3ZzU4w
GYXvsIGCKQsEmhm+MGsSid1jiMCgeb4aKipqwnQlyoM+QvmK9ajneWGYer/NKDsw
1YG/nVRiUOZG1wcJT50Pd9Y1TwIDAQABo4IC3DCCAtgwHQYDVR0OBBYEFHRQf0Xb
DKj05b0ShHNUBJvxrWoZMB8GA1UdIwQYMBaAFFOLB24Krdj64pcMlUPoSakP5zdS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNkY0Ny9CNEE4NkMzODFE
ODQxMUUyOTY5RkM1REEwOEIwMkNEMi9VNHNIYmdxdDJQcmlsd3lWUS1oSnFRX25O
MUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1U0c0hiZ3F0MlByaWx3eVZRLWhKcVFfbk4xSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjZGNDcvQjRBODZDMzgxRDg0MTFFMjk2OUZDNURBMDhCMDJDRDIvQ0Q3MDdBNDQ0
MkNEMTFFQ0IzRkJGNzEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZgYIKwYBBQUHAQcBAf8E
VzBVMEQEAgABMD4DAwE6cgMDAT1GAwMBb7gwCgMDALbpAwMCtugDBALKAjQDBAfL
hQADBAfLuwAwCgMDAMvLAwMAy8wDAwLbRDANBAIAAjAHAwUAIAENWDANBgkqhkiG
9w0BAQsFAAOCAQEAbdwmuyCD2ETzDTu6Z196xGAXjuy9dvOtLhkjaV+hd/JJQ+vJ
we7kUb3N563OhWJg0RvjY+a4mVYgKpwkaQ21vM+b01pL+JYDcsD0ObDUjq9te2Vl
JHzfyNR70wSelI7gqa/sK5jxCfOZSzNEABtHkgt5gzJDW+f3KRAAsaQz0cZjildS
OPaE/+YHb57Bxy76yfISv94y6a5zGQoixFSJ5G6dDAO9Ju3NuNs2WuU20ISEvcJr
J/TzH6gFaRthr0yjX12etYdXYvUWQkbE9A8EB1x5jMwDP2/MQHODUkp1nD1UymAQ
6IwNPKVSWCmnhtx3/NG//5RMUlAwYYDo/r/Zkg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:05 2023 by rpki-client on console-fra.rpki-client.org